Cyber security careers: Governance, risk and compliance
This career stream provides leadership, management, direction or development and advocacy to enable the organisation to effectively conduct cyber security work.
Speciality areas
- Cyber security awareness and training
- Cyber security advice and advocacy
- Strategic planning and policy development
- Information security risk management
- Information Security Management System
- Cyber security audit and policy compliance
Example roles
- Chief Information Security Officer
- Manager Information Security and Risk
- Principal Security Specialist
- Security Administrator
- Security Specialist
Information assurance
As defined by the SFIA Foundation: Information assurance is the protection of integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit. The management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence.
Here are some ways you could build this skill, which applies to a range of cyber security roles.
Certifications
- CISM Certified Information Security Manager
- CISSP Certified Information Systems Security Professional
- Certified Information Systems Auditor (CISA) Certification
- CRISC Certified in Risk and Information Systems Control
- CCSP Certified Cloud Security Professional
- Security+
- SANS GISP
- SANS GSNA
- COBIT 5
- Information Technology Infrastructure Library (ITIL)
- Information Technology Service Management (ITSM)
- ISO 27001 LI and ISO 27001 LA
Courses
- COBIT 5
- Information Technology Infrastructure Library (ITIL)
- Information Technology Service Management (ITSM)
Frameworks
- ISO 27001 LI and ISO 27001 LA